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AMENDMENTS TO THE CLAIMS 



The listing of claims will rqjlace all prior versions, and listings, of claims in the 
application: 

Listing of Claims: 



client computer systems make requests for information from a server computer system, the 
server computer system providing information in response to the requests from the one or more 
client computer systems, the server computer system having one or more listen sockets and 
having a backlog queue for queuing connection requests that the server computer system cannot 
currently handle, a method of the server computer system reducing denials of service even 
though the server computer system is experiencing a denial of service attack, the method 
comprising: 

receiving a plurality of connection requests from said one or more client 
computer systems; 

establishing a connection socket for at least one of the plurality of connection 
requests without placing the connection request in a backlog queue; 

for each connection request for which the server computer system cannot 
currently establish a connection socket, placing the connection request in the backlog 
queue without then establishing a connection socket, wherein the backlog queue is 
capable of containing includ e s connection requests that include without r e gard for 
wh e th e r or not th e conn e ction r e qu e st includ e s associated request data and connection 
requests that do not include associated request data ; 

determining that the backlog queue is being used; 

in response to the determination, identifying any connection sockets that have no 
received request data; and 

disconnecting the identified connection sockets. 

Claim 2. (Original) The method in accordance with Claim 1, further comprising 
mapping each connection request to a corresponding listen socket. 



Claim 1. 



(Previously Amended) In a networked environment, wherein one or more 
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Claim 3. (Original) The method in accordance with Claim 2, wherein each listen 
socket has a corresponding backlog queue. 

Claim 4. (Original) The method in accordance with Claim 3, wherein placing the 
connection request in a backlog queue comprises placing the request in the backlog queue 
corresponding to the Hsten socket that the connection request mapped to. 

Claim 5. (Previously Amended) The method in accordance with Claim 1, wherein 
establishing a connection socket for at least one of the plurality of connection requests is 
performed using a Winsock module. 

Claim 6. (Previously Amended) The method in accordance with Claim 1, wherein 
establishing a connection socket for at least one of the plurality of connection requests comprises 
calling a module that accepts connections and waits for associated request data before 
completing. 

Claim 7. (Previously Amended) The method in accordance with Claim 6, wherein 
the module that accepts connects and waits for associated request data before completing 
comprises a WinsockQAcceptExQ module. 

Claim 8. (Previously Amended) The method in accordance with Claim 1, further 
comprising monitoring the backlog queue, the determination being made while monitoring the 
backlog queue. 

Claim 9. (Previously Amended) The method in accordance with Claim 12, wherein 
determining that the backlog queue is being used comprises detecting that the module that scans 
at least the backlog queue has returned. 
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Claim 10. (Previously Amended) The method in accordance with Claim 12, wherein 
the module that scans at least the backlog queue for activity comprises a WinsockQselectO 
module. 

Claim 11. (Original) The method in accordance with Claim 10, wherein determining 
that the backlog queue is being used comprises detecting that the WinsockQselectO module has 
returned. 

Claim 12. (Previously Amended) The method in accordance with Claim 8, wherein 
monitoring the backlog queue comprises calling a module that scans at least the backlog queue 
for activity. 

Claim 13. (Previously Amended) The method in accordance with Claim 1, wherein 
identifying any connection sockets that have connections but no received request data comprises 
the following: 

calling a module that identifies the state of the connection socket. 

Claim 14. (Original) The method in accordance with Claim 13, wherein the module 
that identifies the state of the connection socket comprises a WinsockQgetsockoptO module. 

Claim 15. (Previously Amended) The method in accordance with Claim 1, fiirther 
comprising: 

specifying a grace period spanning the time the backlog queue is determined to 
be used and the time the identified sockets are disconnected, wherein the disconnection is 
performed only if the backlog queue still has entries after the grace period. 

Claim 16. (Cancelled) 
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Claim 17. (Currently Amended) A computer program product for use in a networked 
environment, wherein one or more client computer systems make requests for information from a 
server computer system, the server computer system providing information in response to the 
requests from the one or more client computer systems, the server computer system having one 
or more listen sockets and having a backlog queue for queuing connection requests that the 
server computer system cannot currently handle, a computer program product for implementing 
a method of the server computer system reducing denials of service even though the server 
computer system is experiencing a denial of service attack, wherein the computer program 
product comprises computer-executable instructions which, when executed by a processor, 
implements the following: 

receiving a plurality of connection requests from said one or more client 

computer systems; 

establishing a connection socket for at least one of the plurality of connection 
requests without placing the cormection request in a backlog queue; 

for each cormection request for which the server computer system caimot 
currently establish a connection socket, placing the connection request in a backlog 
queue without then estabhshing a connection socket, wherein the backlog queue is 
capable of containing includ e s connection requests that include without r e gard for 
wh e th e r or not th e corm e ction r e qu e st includ e s associated request data and connection 
requests that do not include associated request data ; 

determining that the backlog queue is being used; 

in response to the determination, identifying any connection sockets that have no 
received request data; and 

disconnecting the identified connection sockets. 

Claim 18. (Original) The computer program product in accordance with Claim 17, 
further comprising computer-executable instructions for mapping each connection request to a 
corresponding listen socket, wherein each listen socket has a corresponding backlog queue. 

Claim 19. (Original) The computer program product in accordance with Claim 17, 
wherein the computer-executable instructions for placing the cormection request in a backlog 
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queue comprise computer-executable instructions for placing the request in the backlog queue 
corresponding to the listen socket that the connection request mapped to. 




Claim 20. (Previously Amended) The computer program product in accordance with 
Claim 17, wherein the computer-executable instructions for establishing a connection socket for 
at least one of the plurality of connection requests comprises at least portions of a Winsock 
module. 



Claim 21. (Cancelled) 



Claim 22. (Previously Amended) The computer program product in accordance with 
Claim 17, further comprising computer-executable instructions for performing the following: 

specifying a grace period spanning the time the backlog queue is determined to 
be used and the time the identified sockets are disconnected, wherein the discoimection is 
performed only if the backlog queue still has entries after the grace period. 



Claim 23. (Cancelled) 



Claim 24. (Currently Amended) In a networked environment, wherein one or more 
client computer systems make requests for information from a server computer system, the 
server computer system providing information in response to the requests from the one or more 
client computer systems, the server computer system having one or more listen sockets, each 
listen socket having a backlog queue for queuing connection requests that the server computer 
system cannot currently handle, a method of the server computer system reducing denials of 
service even though the server computer system is experiencing a denial of service attack, the 
method comprising: 
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receiving a plurality of connection requests from said one or more client 
computer systems; 



establishing a connection socket for at least one of the plurality of connection 
requests using a WinsockQAcceptExO module without placing the connection request in 
a backlog queue; 

mapping each connection request to a corresponding listen socket; 

for each connection request for which the server computer system cannot 
currently establish a connection socket, placing the connection request in the backlog 
queue corresponding to the listen socket that the connection request mapped to, wherein 
the backlog queue is capable of containing includ e s connection requests that include 
without r e gard for wh e th e r or not th e conn e ction r e qu e st includ e s associated request data 
and connection requests that do not include associated request data ; 

monitoring the backlog queue using a WinsockQselectO module; 

determining that the backlog queue is being used by detecting that the 
WinsockQselectO module has returned; 

identifying any connection sockets that have connections but no received request 
data using a WinsockQgetsockoptO module; and 

disconnecting the identified connection sockets. 

25. (Previously Amended) The method in accordance with Claim 24, further 



specifying a grace period spanning the time the backlog queue is determined to 
be used and the time the identified connection sockets are disconnected, wherein the 
disconnection is performed only if the backlog queue still has entries after the grace 
period. 



compnsmg: 
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